GRE and PF problem
compunction
compunction at gmail.com
Thu Jul 14 05:31:37 GMT 2005
GRE needs to pass bidirectional. You will need a binat to make it
work. I have not found a firewall that will allow GRE to work with a
many to one nat.
-Mark
On 7/13/05, Alex Povolotsky <tarkhil at webmail.sub.ru> wrote:
> Hello!
>
> I'm using FreeBSD (5.3-RELEASE-p5) as internet access server, and I have
> to NAT GRE packets. I'm using pf.
>
> The problem is that SOMETIMES PF fails to create proper rule using nat,
> while binat works fine.
>
> Not only I do not want to expose Windows boxes (even if those addresses
> are firewalled), but it's also a terrible waste of real IPs.
>
> Can anyone point me if I have incorrect PF config, or PF just work
> poorly with gre?
>
> Alex.
>
>
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>
More information about the freebsd-net
mailing list